TY - GEN
T1 - Context-Aware Privacy-Optimizing Address Tracing
AU - Dangwal, Deeksha
AU - Zhang, Zhizhou
AU - Crandall, Jedidiah R.
AU - Sherwood, Timothy
N1 - Funding Information:
The authors would like to thank Mario Badr, Abhejit Rajagopal, Vincent T. Lee, Junayed Naushad, Chandra Krintz and the anonymous reviewers for their valuable feedback. This material is based upon work supported by the National Science Foundation under Grants No. 1763699, 1730309, 1717779, 1563935.
Publisher Copyright:
© 2021 IEEE.
PY - 2021
Y1 - 2021
N2 - Application tuning requires a coordinated effort across hardware and software to achieve optimized application performance. Execution traces offer unique insights into a program's behavior over real inputs and serve as an invaluable resource for hardware and software engineers during the co-optimization process. Unfortunately, these traces are rarely shared between technology partners because even the simplest address traces gathered from applications that utilize private data can divulge sensitive information. Developers must choose between sharing accurate and precise execution information that will lead to the best co-optimization results while protecting sensitive data. This is the fundamental tradeoff between utility and privacy in the context of program traces. Concurrently, global policy is moving in favor of providing users with privacy protections. As a field, we must develop tools, mechanisms, and primitives to uphold these regulatory protections. In this work, we utilize the leading industry standard: the LINDDUN privacy threat modeling method, to model the threats to privacy of traces. We leverage advances in information flow tracking techniques and LINDDUN's mitigation strategies to prevent inadvertent leakage of information. We introduce multiple classes of privacy-enhancing tracing techniques that allow context-aware differentiation of what information should remain in the trace and in what amounts based on annotations of private user input. To explore how meaningful the privatized traces are, we compare cache simulation and prefetching properties. This new approach leaks as few as zero bits of sensitive information and has an order of magnitude better utility than prior work.
AB - Application tuning requires a coordinated effort across hardware and software to achieve optimized application performance. Execution traces offer unique insights into a program's behavior over real inputs and serve as an invaluable resource for hardware and software engineers during the co-optimization process. Unfortunately, these traces are rarely shared between technology partners because even the simplest address traces gathered from applications that utilize private data can divulge sensitive information. Developers must choose between sharing accurate and precise execution information that will lead to the best co-optimization results while protecting sensitive data. This is the fundamental tradeoff between utility and privacy in the context of program traces. Concurrently, global policy is moving in favor of providing users with privacy protections. As a field, we must develop tools, mechanisms, and primitives to uphold these regulatory protections. In this work, we utilize the leading industry standard: the LINDDUN privacy threat modeling method, to model the threats to privacy of traces. We leverage advances in information flow tracking techniques and LINDDUN's mitigation strategies to prevent inadvertent leakage of information. We introduce multiple classes of privacy-enhancing tracing techniques that allow context-aware differentiation of what information should remain in the trace and in what amounts based on annotations of private user input. To explore how meaningful the privatized traces are, we compare cache simulation and prefetching properties. This new approach leaks as few as zero bits of sensitive information and has an order of magnitude better utility than prior work.
KW - Application tuning
KW - Information tracking
KW - Privacy
KW - Synthetic trace generation
UR - http://www.scopus.com/inward/record.url?scp=85123321709&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85123321709&partnerID=8YFLogxK
U2 - 10.1109/SEED51797.2021.00027
DO - 10.1109/SEED51797.2021.00027
M3 - Conference contribution
AN - SCOPUS:85123321709
T3 - Proceedings - 2021 International Symposium on Secure and Private Execution Environment Design, SEED 2021
SP - 150
EP - 162
BT - Proceedings - 2021 International Symposium on Secure and Private Execution Environment Design, SEED 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 1st International Symposium on Secure and Private Execution Environment Design, SEED 2021
Y2 - 20 September 2021 through 21 September 2021
ER -